computer lockdown

wheels69's Avatar
what should someone do to lkep thier computer from hacker or unwanted eyes

is there a way to change or disable IP address
a way to clean the hard drive ...to wipe out past emails or sites that have been visted
Changing ip address: use a proxy
Even more secure but extremely slow: Use Tor

Clean hard drive/history/cookies: CCleaner is a good start, and there are NSA certified disk wiping programs out there, but even a bulk magnetic eraser can't entirely wipe everything out from today's forensic computing specialists. Vaseline + hammer + dispersing the bits across a wide geographic area is the only guarantee. As for what emails/sites, ISP's keep records for a minimum of 30 days, sometimes up to a year, even longer for an active investigation, so unless you setup Tor and have done everything related from day 1 through a tor connection, if they want you they will get you.

http://xkcd.com/538/
tia travels's Avatar
Very useful info.....I'm taking note. Thanks for sharing.
wheels69's Avatar
Thanks for the info. ...I guess the only full proof way is a hammer or T-N-T
Changing ip address: use a proxy
Even more secure but extremely slow: Use Tor

Clean hard drive/history/cookies: CCleaner is a good start, and there are NSA certified disk wiping programs out there, but even a bulk magnetic eraser can't entirely wipe everything out from today's forensic computing specialists. Vaseline + hammer + dispersing the bits across a wide geographic area is the only guarantee. As for what emails/sites, ISP's keep records for a minimum of 30 days, sometimes up to a year, even longer for an active investigation, so unless you setup Tor and have done everything related from day 1 through a tor connection, if they want you they will get you.

http://xkcd.com/538/ Originally Posted by badbottom
Thus the reason for as much plausible denialibility as possible. For hard drive cleaning, you can do a basic format, then drop off at a computer security center that does drive shredding. Most of these locations will do this without taking your name. Then, you can avoid doing anything hobby related from your new hard drive. If you must use a PC, then run it in a virtual session, preferibly one that is based out of your RAM, and not the hard drive. As that is likely way too advanced, difficult, and awkward, setup tor, and some version of a portable browser on a flash drive. One of those ironkey ones would be good.

Tor has a setup for portable versions. Firefox also has a portable version. With this setup, you can use any PC and still have your browser/TOR client configured. All temp files and other things accessed should be stored to the flash drive not the PC you're using.

As for the IP address thing. According to a new Bill, HC1989 (I think) ISPs will be required to keep all internet information including ip address, internet history (DNS history) credit card info, and email/chat for a few years. Granted this is a bill, not a law yet.

I personally access all hobby stuff from a PDA over a VPN connection (L2TP/IPSec encryption) from a VPN provider who does not keep usage logs. I also use a browser that does not keep a cache, cookies, or info beyond an active session. I use a PDA as I can be sure they is no keylogger or other software installed (such as a screencapture program). Granted, my methods may seem extreme but I've worked for telecoms, and I know just what can be found in a data stream as well as sms (text messaging). As my methods are extreme I suggest looking into what I said earlier. Format the drive and drop it off for shredding at a computer security place. Use a flash drive with portable tor and firefox for hobby.
One other option, they have live CD's of Linux that will boot and have a TOR version of Firefox installed. Take an old computer, remove the harddrive, and boot from the CD. Everything's in RAM, gone when you turn the PC off. Well, gone in about an hour, possibly longer if the NSA is involved.

Of course, then you need to put your whole system in a faraday cage so they don't remotely view your monitor through EM scanning, but at that point it is tinfoil hat time, or if they are using that level of monitoring then you are already screwed as they don't waste that on the simple stuff.
Gotyour6's Avatar
Encrypt the hard drive.
No way in hell anyone is getting to it with out the password.

The goverment could try but depending on the password used it could take hundreds of years to decrypt just the password.

My notebook in encrypted with a SSD drive on it.
I lose it, I get a new notebook.
Data wont concern me. No way to lok at it.

Surf the net using a proxy.
Changing ip address: use a proxy
Even more secure but extremely slow: Use Tor

Clean hard drive/history/cookies: CCleaner is a good start, and there are NSA certified disk wiping programs out there, but even a bulk magnetic eraser can't entirely wipe everything out from today's forensic computing specialists. Vaseline + hammer + dispersing the bits across a wide geographic area is the only guarantee. As for what emails/sites, ISP's keep records for a minimum of 30 days, sometimes up to a year, even longer for an active investigation, so unless you setup Tor and have done everything related from day 1 through a tor connection, if they want you they will get you.

http://xkcd.com/538/ Originally Posted by badbottom
This actually has merit.. All modern drives have a breathe hole.. usually covered up by a white filter cover..get a syringe used for injecting thermal paste (or just use thermal paste) but basically introduce a foreign paste/oil or solvent etc inside the drive.. the more the better.. and then use a USB drive cable rig for connecting a raw drive to a usb port to spin it up so you are cleared
Encrypt the hard drive.
No way in hell anyone is getting to it with out the password. Originally Posted by Gotyour6
http://xkcd.com/538/
what should someone do to lkep thier computer from hacker or unwanted eyes

is there a way to change or disable IP address
a way to clean the hard drive ...to wipe out past emails or sites that have been visted Originally Posted by wheels69
Lots of technical answers...to a simple question. If a determined knowledgeable hacker wants into your system....they're getting in. We're talking about people who hack banks and DoD systems for fun...and they don't do it that often because they CAN be traced. There are all kinds of anti-hacker programs...a decently configured profile with fire walling will take care of 99% of hacker mischief -- but...why would these guys want in YOUR system? You are generally safe in a sea of millions of users, but your threats are more local...neighbors and family.

Hiding your local wireless means that your connection won't present a tempting target for the amateur wanna be hacker (15 year old kid who reads hacker websites). Most people don't even use firewalls or user profiles on their computers...guess where they're going to hack?

What's the most common WiFi password? The default for that router brand (or "password".)

Many of us have prying eyes which constitute children in the home who use the computer, or Significant Others.....I'd say that's the 99% threat.

Big basic hint..... ***Use the profile capabilities of your OS, whether Windows or Mac OS X, or Linux. Be the "administrator". Keep your password secret. You can also do stuff like stash files in folders with special permissions within your profile data (series of folders with your login which contain your files and settings and things like wallpaper on your hard drive). It does help with internal security against hackers....so if the SO wonders why the password? Got to protect against prying eyes....just not telling her it's HER prying eyes....

More to do...use Private Browsing...the option which doesn't leave the breadcrumbs in the browser history, install cookies, or save passwords. You'll want to go behind you and make sure it's working. Want to save some special files...like pics of your special session with your favorite "friend"...use off system storage. Dropbox and others don't care that your files are in the "X" range....you can even access your stuff from your smartphone too.

Biggest of all...NEVER save a password...memorize everything.
ZedX79's Avatar
I am more curious what you're trying to get away from or hide from someone.
Lots of technical answers...to a simple question. If a determined knowledgeable hacker wants into your system....they're getting in. We're talking about people who hack banks and DoD systems for fun...and they don't do it that often because they CAN be traced. There are all kinds of anti-hacker programs...a decently configured profile with fire walling will take care of 99% of hacker mischief -- but...why would these guys want in YOUR system? You are generally safe in a sea of millions of users, but your threats are more local...neighbors and family.

Hiding your local wireless means that your connection won't present a tempting target for the amateur wanna be hacker (15 year old kid who reads hacker websites). Most people don't even use firewalls or user profiles on their computers...guess where they're going to hack?

What's the most common WiFi password? The default for that router brand (or "password".)

Many of us have prying eyes which constitute children in the home who use the computer, or Significant Others.....I'd say that's the 99% threat.

Big basic hint..... ***Use the profile capabilities of your OS, whether Windows or Mac OS X, or Linux. Be the "administrator". Keep your password secret. You can also do stuff like stash files in folders with special permissions within your profile data (series of folders with your login which contain your files and settings and things like wallpaper on your hard drive). It does help with internal security against hackers....so if the SO wonders why the password? Got to protect against prying eyes....just not telling her it's HER prying eyes....

More to do...use Private Browsing...the option which doesn't leave the breadcrumbs in the browser history, install cookies, or save passwords. You'll want to go behind you and make sure it's working. Want to save some special files...like pics of your special session with your favorite "friend"...use off system storage. Dropbox and others don't care that your files are in the "X" range....you can even access your stuff from your smartphone too.

Biggest of all...NEVER save a password...memorize everything. Originally Posted by TexanAtPlay
To answer the RED sections.. people who war drive (look it up) are all over.. used to be a hobby of mine.. before gas prices went up... but a true war driver is not interested in hopping on your network... just mapping its GPS location.

lock down your wifi.. even the most basic wifi routers out there have very good security.

router passwords.. guess what.. there is an APP for your droid phone that can load up over 3000 common routers and their access.


How do you hide yourself in your neighborhood? lock down the router, do NOT use the Administrative account for your normal stuff...use common sense, do not allow your kids to use your pc.. if it is the only one in the house.. buy them their own. store your porn on usb drives and only connect them when you want to add to or view it.
ck1942's Avatar
2 things:

1 - even if you are usually a lone person in a household, your computer should have at least 3 user accounts - Administrator, yourself, guest.

Only the admin has total access to the unit. yourself is obvious, and can do whatever browsing, composing, storing, etc, needed for yourself. guest gets to use limited areas of the computer and has access only to that software allowed by the admin. guest does not easily have access to all software used by yourself, nor to any of yourself's data bases. Needless to say, do not leave passwords lying around on post-it notes. Change passwords every once in a while, 60-90 days say, and never use a password for more than one account lest you lose control of multiple accounts.

2 - if there is more than one person in the household, that person (best solution) gets his/her own computer. Or has access to his/her own account (just like guest) on your unit.

Computers are cheap; security is "expensive" especially if you give it away.

NEVER allow anyone access to your home computer or to your phone/handset for that matter unless you are scrupulous in watching them use it or have essential security enabled.

Be discreet in hobbying or in other activities that might compromise your life.
wheels69's Avatar
I have my pc connected to a rounter and a tablet which connects thur wi-fi
I change my password evert now and then

The reason I was asking was because. ..big brother ( LE ) have thier own computer guys and they can hack your computer to obtain your personal information